438 matches found
Security update for jq
This update for jq fixes the following issue: CVE-2025-9403: test suite assertion failure in JSON parsing consistency validation bsc1248600. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you ca...
CVE-2026-23265
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on node footer in read,writeendio ----------- cut here ------------ kernel BUG at fs/f2fs/data.c:358! Call Trace: blkupdaterequest+0x5eb/0xe70 block/blk-mq.c:987 blkmqendrequest+0x3e/0x70...
Spinning complex ideas into clear docs with Kri Dontje
Welcome back! This week, we're shining a spotlight on Kri Dontje, a technical writer who's become an essential voice in making Cisco Talos' work understandable for a wide audience. With a background in technical communications and a career that began at a small startup, Kri discusses the importan...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005416)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005416 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: reject new basechain after table flag update When dormant flag is toggled,...
OpenClaw has a BlueBubbles group allowlist mismatch via DM pairing-store fallback
Summary In [email protected], BlueBubbles group authorization could incorrectly treat DM pairing-store identities as group allowlist identities when dmPolicy=pairing and groupPolicy=allowlist. A sender that was only DM-paired not explicitly present in groupAllowFrom could pass group sender check...
Authorization bypass in Grafana datasource deletion
A time-of-create-to-time-of-use TOCTOU vulnerability lets recently deleted-then-recreated data sources be re-deleted without permission to do so. This requires several very stringent conditions to be met: The attacker must have admin access to the specific datasource prior to its first deletion...
OpenClaw Node host system.run rawCommand/command mismatch can bypass allowlist/approvals
Summary A mismatch between rawCommand and command in the node host system.run handler could cause allowlist/approval evaluation to be performed on one command while executing a different argv. Affected Configurations This only impacts deployments that: - Use the node host / companion node executi...
Hallucination-Resistant Security Planning with a Large Language Model
Large language models LLMs are promising tools for supporting security management tasks, such as incident response planning. However, their unreliability and tendency to hallucinate remain significant challenges. In this paper, we address these challenges by introducing a principled framework for...
Malicious Package
Overview check-deps-ver-consistency is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
Malicious Package
Overview check-dependency-ver-consistency is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and...
UBUNTU-CVE-2025-71135
In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix possible null-pointer dereferences in raid5storegroupthreadcnt The variable mddev-private is first assigned to conf and then checked: conf = mddev-private; if !conf ... If conf is NULL, then mddev-private is also...
UBUNTU-CVE-2025-71064
In the Linux kernel, the following vulnerability has been resolved: net: hns3: using the numtqps in the vf driver to apply for resources Currently, hdev-htqp is allocated using hdev-numtqps, and kinfo-tqp is allocated using kinfo-numtqps. However, kinfo-numtqps is set to minnewtqps, hdev-numtqps;...
CVE-2018-4313
A consistency issue existed in the handling of application snapshots. The issue was addressed with improved handling of message deletions. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5...
cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked
A zip file handling flaw has been discovered in the python standard library zipfile module. The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory EOCD Locator record offset value would not be used to locate the ZIP64 EOCD record, instead the ZIP64 EOCD record wou...
AutoVulnPHP: LLM-Powered Two-Stage PHP Vulnerability Detection and Automated Localization
PHP's dominance in web development is undermined by security challenges: static analysis lacks semantic depth, causing high false positives; dynamic analysis is computationally expensive; and automated vulnerability localization suffers from coarse granularity and imprecise context. Additionally,...
UBUNTU-CVE-2025-15284
Improper Input Validation vulnerability in qs parse modules allows HTTP DoS.This issue affects qs: 6.14.1. Summary The arrayLimit option in qs did not enforce limits for bracket notation a=1&a=2, only for indexed notation a0=1. This is a consistency bug; arrayLimit should apply uniformly across a...
CVE-2023-54077
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix memory leak if ntfsreadmft failed Label ATTRROOT in ntfsreadmft sets isroot = true and ni-niflags |= NIFLAGDIR, then next attr will goto label ATTRALLOC and alloc ni-dir.allocrun. However two states are not always...
jbd2: avoid bug_on in jbd2_journal_get_create_access() when file system corrupted
...
cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked
A zip file handling flaw has been discovered in the python standard library zipfile module. The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory EOCD Locator record offset value would not be used to locate the ZIP64 EOCD record, instead the ZIP64 EOCD record wou...
CVE-2025-68212 fs: Fix uninitialized 'offp' in statmount_string()
In the Linux kernel, the following vulnerability has been resolved: fs: Fix uninitialized 'offp' in statmountstring In statmountstring, most flags assign an output offset pointer offp which is later updated with the string offset. However, the STATMOUNTMNTUIDMAP and STATMOUNTMNTGIDMAP cases...